Recent headline-making breaches, including of Anthem and others, underscore the importance of security in the health care sector, especially as the industry looks for more affordable and efficient ways to provide higher levels of service to their customers.

One of these ways is by shifting to the cloud and adopting recurring revenue models that allow for broader innovation and flexibility in the way health care organizations can package and offer their services. However, as more organizations move their data to the cloud to meet these needs, patient privacy is a top-of-mind challenge.

HIPAA (Health Insurance Portability and Accountability Act of 1996) compliance has become increasingly important for any software that “touches” patient information. HIPAA requires a third-party audit to verify that the administrative, physical, and technical protections required for medical care businesses are in place. With the addition of PCI DSS certification — another rigorous security standard for organizations that accept credit cards — a company ensures that it meets the highest safety standards for adoption of recurring revenue.

These certifications validate the safeguards in place and add an important level of trust for health care and other companies looking to shift their critical back-end systems to the cloud. Health care providers are able to take advantage of these technologies to reap the benefits of recurring revenue: higher growth curves in terms of both sales and profits, while adding predictable sales streams.

Transforming health care

Recurring revenue holds the promise of transforming health care, benefiting patients as well as providers. For example, a global maker of big-ticket medical equipment began marketing its newest models of CAT and MRI machines. But the manufacturer encountered a slow market for the products. Only hospitals in urban centers could afford the price tag, and they were not eager to replace existing machines already in use.

Regional hospitals, which wanted the equipment, didn’t have the capital to make the investment. The challenge became how to tap this market. So the equipment manufacturer leased them to regional hospitals on a pay-per-use basis, one of the many iterations of the recurring revenue model.

The manufacturer was able to react to meet the needs of customers, and adjust its pricing structure accordingly.

All sides of the equation benefit under this recurring revenue scenario. The manufacturer shifts from selling devices to services, and adds regional hospitals to its market for the new machines. Regional hospitals preserve capital while their patients receive care locally, saving the time and expense of traveling to distant big city hospitals. Payors, such as insurance companies and government agencies, benefit too, because the recurring revenue generated by leasing helps to stabilize the overall expense of health care.

Providers that adopt cloud-based case management strategies can generate recurring payments when recommended treatments continue over a long period of time. For example, a provider could pinpoint a course of physical therapy through secured medical records, and then recommend a fitness center to provide the treatment. The provider then generates recurring sales by managing the subscriptions to the fitness center.

The more that customers trust their provider, the increased likelihood that they’ll participate in suggestions for improved health and fitness sent their way. The health care company that can harness the power of recurring revenue can often see dramatically increased earnings because it can align products and pricing with proper health care while protecting patient privacy.

What’s more, patients get more choices, increasing their level of satisfaction and making them less likely to opt out of recommended therapies. Many businesses benefit from HIPAA certification, even those enterprises that don’t have direct interaction with patients.

Responsible companies doing business in the health care sector all realize that the data flowing to or from them must be secure, and in fact, even more secure than what’s expected of many other industries. HIPAA certification provides an added measure of assurance.

The bottom line: with the proper security measures in place, customers can trust new technologies such as cloud billing and its inherent advanced monetization models. HIPAA compliance coupled with recurring revenue is a winning combination for health care companies looking for new formulas for success and customer service.

About the Author

Oleg Ganopolskiy is responsible for ensuring that Aria Systems' infrastructure provides the highest level of security, compliance, performance, capacity and reliability for its customers. Oleg joined Aria Systems from Nokia, where he was responsible for operational capacity, planning, analytics, and modeling across the company's Global Services Platform. Prior to Nokia, he managed technology operations at AOL and spent eight years in operations at eBay. He has held senior technical roles at Oracle Corporation and Nordic Systems, Inc. For fun, he travels, spends time with his family, works, and worries about work.